
Why do phishing attacks happen? | Next DLP blog

Written by Katie Crowell | Sep 10, 2021 9:51:00 AM

Phishing is a term that comes up often when we talk about cyber attacks or hackers. Phishing attacks are one of the most common methods used to acquire data and information, but what is the purpose of a phishing attack?

Why do phishing attacks happen?

A phishing attack is a social engineering tactic used by hackers to obtain sensitive data such as passwords or credit card details. It is usually carried out through fraudulent communication (most commonly email) in which the attacker pretends to be someone else, often an authority figure or a well-known company, and uses that persona to manipulate users into giving up their data.

In emails they may insert links which, when clicked, install malware on your computer. Alternatively, they may add attachments that serve the same purpose. Once the malware is installed they can access your device, and potentially the whole network, to gain the information they want. Previously, we’ve discussed what phishing is in more detail and how to prevent social engineering attacks.

What is the purpose of a phishing attack?

The overall goal of a phishing attack is usually to obtain sensitive data, such as logins and passwords, from victims in order to access the targeted network or company.

One of the main purposes of doing this is to get a foothold in the device or network so that the attackers can find and gather the information they want. This is mainly for financial gain, so it could be credit card details, or something more sinister such as personal information to sell on the dark web. Sometimes they may directly try to manipulate users into handing over their bank details, or they may go down the malware route.

Phishing attacks are one of the simpler social engineering tricks hackers use, as less work is involved. No complex hacking is needed; like many other social engineering tactics, it relies on manipulating human nature to provide access without the user realising it. This means that your computer, device or network can have the strongest cyber security software, from antivirus and anti-malware to end-to-end security, and still fall victim to a phishing attack, because phishing targets the weakest link in the chain: the users.

Why do hackers use phishing attacks over other methods?

There are many reasons why criminals choose phishing attacks over other social engineering methods. These include:

  • Email is widespread - users with little to no cyber security awareness still use email, and they’re easy to target
  • It’s an easy and simple method of targeting - because it doesn’t require technical skills, criminals don’t need to break into systems or work out a password to succeed. Once the email has been sent, all they need to do is wait for replies, clicks or attachment downloads; their main job is simply to send the email, then access networks through the malware
  • Fewer complications - they don’t need to bypass strict security protocols
  • Potential for a wide net - phishing lends itself to targeted attacks (spear phishing) or non-targeted, wide-net attacks to gain as many footholds as possible
  • Versatile technique with many variants - phishing, spear phishing and internal spear phishing, which can be used to deliver various types of malicious code, such as ransomware

Frequently asked questions

What is a phishing attack?

A phishing attack is a social engineering tactic hackers use to acquire sensitive data, such as passwords or credit card details. This is typically achieved through fraudulent communication, most commonly via email, where the attacker pretends to be someone else, often an authoritative figure or well-known company. The goal is to manipulate users into giving up their data or clicking on malicious links or attachments.

How do phishing attacks work?

Phishing attacks typically work by:

  • Fraudulent communication: The attacker sends emails or messages that appear to be from legitimate sources.
  • Malicious links or attachments: The actor adds links or attachments in the communication that install malware on the victim's device when they click or download.
  • Data harvesting: Once malware is installed, attackers can access the victim's device and network and collect sensitive information.

Why are phishing attacks so common?

Unfortunately, phishing is one of the most common ways attackers gain unauthorized access to an organization’s systems. Phishing is common for several reasons:

  • Widespread email use: Email is a ubiquitous communication tool, making it easy for attackers to target many users with minimal effort. Phishing can be used in both targeted (spear phishing) and non-targeted attacks, casting a wide net to capture as many victims as possible.
  • Simplicity and effectiveness: Phishing doesn’t require advanced technical skills. Attackers only need to send emails and wait for victims to click on links or download attachments. Plus, phishing bypasses many security protocols since it exploits human behavior instead of technical vulnerabilities.
  • Versatility: Phishing has many variants, such as spear phishing and internal spear phishing, and can deliver various types of malicious code, like ransomware.

What should I do if I suspect a phishing email?

If you think an email is a phishing attempt, follow these steps:

  • Do not click: Never click links or download attachments from a suspicious email.
  • Verify the sender: Check the sender's email address for signs of spoofing or impersonation.
  • Report the email: Report the suspicious email to your IT or security team.
  • Delete the email: After reporting it, delete the email from your inbox.
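As an added example (not from the Next DLP post), here is the "verify the sender" step written as a defender-side check: it parses a raw message's headers and flags the signs of spoofing or impersonation a reviewer looks for, such as a display name that names a well-known company while the address sits on another domain, a Reply-To that diverts replies elsewhere, and missing SPF/DKIM/DMARC passes. The brand allow-list, the header values and both sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed allow-list of brand names (as they appear in display names) -> their real domain.
KNOWN_BRANDS = {"paypal": "paypal.com", "example corp": "example.com"}

def sender_domain(header_value):
    """Lower-cased domain part of an address header ('' if no address)."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def check_sender(raw_message):
    """Return a list of warnings; an empty list means no obvious spoofing sign was found."""
    msg = message_from_string(raw_message)
    warnings = []
    display_name, _ = parseaddr(msg.get("From", ""))
    from_dom = sender_domain(msg.get("From"))
    # 1. Display name claims a known brand, but the address is on a different domain.
    for brand, real_dom in KNOWN_BRANDS.items():
        if brand in display_name.lower() and from_dom != real_dom and not from_dom.endswith("." + real_dom):
            warnings.append(f"display name mentions '{brand}' but address domain is '{from_dom}'")
    # 2. Reply-To silently sends replies somewhere other than the From domain.
    reply_dom = sender_domain(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"Reply-To domain '{reply_dom}' differs from From domain '{from_dom}'")
    # 3. Authentication-Results (stamped by the receiving mail server) lacks SPF/DKIM/DMARC passes.
    auth = (msg.get("Authentication-Results") or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        if not re.search(rf"\b{mech}=pass\b", auth):
            warnings.append(f"{mech} did not pass (or no Authentication-Results header)")
    return warnings

# Constructed sample: lookalike domain, diverted replies, failed authentication.
SUSPICIOUS = """From: "PayPal Support" <support@paypa1-secure.example>
Reply-To: collect@free-mailbox.example
Authentication-Results: mx.example.net; spf=fail; dkim=none; dmarc=fail
Subject: Your account is limited

Click the link to restore access.
"""
# Constructed sample: address matches the brand's domain and all checks pass.
LEGIT = """From: "Example Corp IT" <it@example.com>
Authentication-Results: mx.example.net; spf=pass; dkim=pass header.d=example.com; dmarc=pass
Subject: Password rotation reminder

Rotate your password via the internal portal.
"""
if __name__ == "__main__":
    print(check_sender(SUSPICIOUS), check_sender(LEGIT))
```

A mail gateway or SOC triage script would feed real messages through the same checks; any warning is a reason to report the email rather than interact with it.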